3737import os
3838
3939from tuf .api import metadata
40+ from tuf .api import keys
4041
4142from dateutil .relativedelta import relativedelta
4243import iso8601
@@ -56,6 +57,9 @@ def setUpClass(cls):
5657 test_repo_data = os .path .join ('repository_data' , 'repository' )
5758 cls .repo_dir = os .path .join (cls .temporary_directory , 'repository' )
5859 shutil .copytree (test_repo_data , cls .repo_dir )
60+ test_repo_keys = os .path .join ('repository_data' , 'keystore' )
61+ cls .keystore_dir = os .path .join (cls .temporary_directory , 'keystore' )
62+ shutil .copytree (test_repo_keys , cls .keystore_dir )
5963
6064
6165
@@ -68,11 +72,32 @@ def tearDownClass(cls):
6872
6973
7074
75+ def _load_key_ring (self ):
76+ key_list = []
77+ root_key = keys .read_key (os .path .join (self .keystore_dir , 'root_key' ),
78+ 'RSA' , 'password' )
79+ key_list .append (root_key )
80+
81+ for key_file in os .listdir (self .keystore_dir ):
82+ if key_file .endswith ('.pub' ):
83+ # ignore public keys
84+ continue
85+
86+ if key_file .startswith ('root_key' ):
87+ # root key is loaded
88+ continue
89+
90+ key = keys .read_key (os .path .join (self .keystore_dir , key_file ), 'ED25519' ,
91+ 'password' )
92+ key_list .append (key )
93+ threshold = keys .Threshold (1 , 1 )
94+ return keys .KeyRing (threshold = threshold , keys = key_list )
95+
7196 def test_metadata_base (self ):
7297 # Use of Snapshot is arbitrary, we're just testing the base class features
7398 # with real data
74- md = metadata . Snapshot ( )
75- md . read_from_json ( os . path . join ( self . repo_dir , ' metadata.staged' , 'snapshot.json' ) )
99+ snapshot_path = os . path . join ( self . repo_dir , 'metadata' , 'snapshot.json' )
100+ md = metadata .Snapshot . read_from_json ( snapshot_path )
76101
77102 self .assertEqual (md .version , 1 )
78103 md .bump_version ()
@@ -86,8 +111,12 @@ def test_metadata_base(self):
86111
87112
88113 def test_metadata_snapshot (self ):
89- snapshot = metadata .Snapshot ()
90- snapshot .read_from_json (os .path .join (self .repo_dir , 'metadata.staged' , 'snapshot.json' ))
114+ snapshot_path = os .path .join (self .repo_dir , 'metadata' , 'snapshot.json' )
115+ snapshot = metadata .Snapshot .read_from_json (snapshot_path )
116+
117+ key_ring = self ._load_key_ring ()
118+ snapshot .keyring = key_ring
119+ snapshot .verify ()
91120
92121 # Create a dict representing what we expect the updated data to be
93122 fileinfo = snapshot .signed ['meta' ]
@@ -97,10 +126,7 @@ def test_metadata_snapshot(self):
97126 fileinfo ['role1.json' ]['length' ] = 123
98127
99128 snapshot .update ('role1' , 2 , 123 , hashes )
100- # snapshot.sign()
101- # self.assertEqual(snapshot.signed['meta'], fileinfo)
102-
103- # snapshot.update()
129+ self .assertEqual (snapshot .signed ['meta' ], fileinfo )
104130
105131 # snapshot.signable()
106132
@@ -112,8 +138,12 @@ def test_metadata_snapshot(self):
112138
113139
114140 def test_metadata_timestamp (self ):
115- timestamp = metadata .Timestamp ()
116- timestamp .read_from_json (os .path .join (self .repo_dir , 'metadata.staged' , 'timestamp.json' ))
141+ timestamp_path = os .path .join (self .repo_dir , 'metadata' , 'timestamp.json' )
142+ timestamp = metadata .Timestamp .read_from_json (timestamp_path )
143+
144+ key_ring = self ._load_key_ring ()
145+ timestamp .keyring = key_ring
146+ timestamp .verify ()
117147
118148 self .assertEqual (timestamp .version , 1 )
119149 timestamp .bump_version ()
@@ -130,8 +160,9 @@ def test_metadata_timestamp(self):
130160 fileinfo ['hashes' ] = hashes
131161 fileinfo ['version' ] = 2
132162 fileinfo ['length' ] = 520
133- timestamp .update ('snapshot' , 2 , 520 , hashes )
163+ timestamp .update (2 , 520 , hashes )
164+ self .assertEqual (timestamp .signed ['meta' ]['snapshot.json' ], fileinfo )
165+
134166 # timestamp.sign()
135- # self.assertEqual(timestamp.signed['meta'], fileinfo)
136167
137168 # timestamp.write_to_json()
0 commit comments